/// <summary>
/// Sign the data with this private key, returning a signature Blob.
/// </summary>
///
/// <param name="data">The input byte buffer.</param>
/// <param name="digestAlgorithm">the digest algorithm.</param>
/// <returns>The signature Blob, or an isNull Blob if this private key is not
/// initialized.</returns>
/// <exception cref="TpmPrivateKey.Error">for unrecognized digestAlgorithm or an errorin signing.</exception>
public Blob sign(ByteBuffer data, DigestAlgorithm digestAlgorithm)
{
if (digestAlgorithm != net.named_data.jndn.security.DigestAlgorithm.SHA256)
{
throw new TpmPrivateKey.Error(
"TpmPrivateKey.sign: Unsupported digest algorithm");
}
System.SecuritySignature signature = null;
if (keyType_ == net.named_data.jndn.security.KeyType.EC)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withECDSA");
} catch (Exception e) {
// Don't expect this to happen.
throw new TpmPrivateKey.Error(
"SHA256withECDSA algorithm is not supported");
}
}
else if (keyType_ == net.named_data.jndn.security.KeyType.RSA)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withRSA");
} catch (Exception e_0) {
// Don't expect this to happen.
throw new TpmPrivateKey.Error(
"SHA256withRSA algorithm is not supported");
}
}
else
{
return(new Blob());
}
try {
signature.initSign(privateKey_);
} catch (InvalidKeyException exception) {
throw new TpmPrivateKey.Error("InvalidKeyException: "
+ exception.Message);
}
try {
signature.update(data);
return(new Blob(signature.sign(), false));
} catch (SignatureException exception_1) {
throw new TpmPrivateKey.Error("SignatureException: "
+ exception_1.Message);
}
}
/// <summary>
/// Fetch the private key for keyName and sign the data, returning a signature
/// Blob.
/// </summary>
///
/// <param name="data">Pointer the input byte buffer to sign.</param>
/// <param name="keyName">The name of the signing key.</param>
/// <param name="digestAlgorithm">the digest algorithm.</param>
/// <returns>The signature Blob.</returns>
/// <exception cref="System.Security.SecurityException"></exception>
public override Blob sign(ByteBuffer data, Name keyName,
DigestAlgorithm digestAlgorithm)
{
if (digestAlgorithm != net.named_data.jndn.security.DigestAlgorithm.SHA256)
{
throw new SecurityException(
"MemoryPrivateKeyStorage.sign: Unsupported digest algorithm");
}
// Find the private key and sign.
MemoryPrivateKeyStorage.PrivateKey privateKey = (MemoryPrivateKeyStorage.PrivateKey)ILOG.J2CsMapping.Collections.Collections.Get(privateKeyStore_, keyName
.toUri());
if (privateKey == null)
{
throw new SecurityException(
"MemoryPrivateKeyStorage: Cannot find private key "
+ keyName.toUri());
}
System.SecuritySignature signature = null;
if (privateKey.getKeyType() == net.named_data.jndn.security.KeyType.RSA)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withRSA");
} catch (Exception e) {
// Don't expect this to happen.
throw new SecurityException(
"SHA256withRSA algorithm is not supported");
}
}
else if (privateKey.getKeyType() == net.named_data.jndn.security.KeyType.ECDSA)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withECDSA");
} catch (Exception e_0) {
// Don't expect this to happen.
throw new SecurityException(
"SHA256withECDSA algorithm is not supported");
}
}
else
{
// We don't expect this to happen.
throw new SecurityException("Unrecognized private key type");
}
try {
signature.initSign(privateKey.getPrivateKey());
} catch (InvalidKeyException exception) {
throw new SecurityException("InvalidKeyException: "
+ exception.Message);
}
try {
signature.update(data);
return(new Blob(signature.sign(), false));
} catch (SignatureException exception_1) {
throw new SecurityException("SignatureException: "
+ exception_1.Message);
}
}
/// <summary>
/// Fetch the private key for keyName and sign the data, returning a signature
/// Blob.
/// </summary>
///
/// <param name="data">Pointer the input byte buffer to sign.</param>
/// <param name="keyName">The name of the signing key.</param>
/// <param name="digestAlgorithm">the digest algorithm.</param>
/// <returns>The signature Blob.</returns>
/// <exception cref="System.Security.SecurityException"></exception>
public sealed override Blob sign(ByteBuffer data, Name keyName,
DigestAlgorithm digestAlgorithm)
{
if (!doesKeyExist(keyName, net.named_data.jndn.security.KeyClass.PRIVATE))
{
throw new SecurityException(
"FilePrivateKeyStorage.sign: private key doesn't exist");
}
if (digestAlgorithm != net.named_data.jndn.security.DigestAlgorithm.SHA256)
{
throw new SecurityException(
"FilePrivateKeyStorage.sign: Unsupported digest algorithm");
}
// Retrieve the private key.
KeyType[] keyType = new KeyType[1];
PrivateKey privateKey = getPrivateKey(keyName, keyType);
// Sign.
System.SecuritySignature signature = null;
if (keyType[0] == net.named_data.jndn.security.KeyType.RSA)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withRSA");
} catch (Exception e) {
// Don't expect this to happen.
throw new SecurityException(
"FilePrivateKeyStorage: The SHA256withRSA algorithm is not supported");
}
}
else if (keyType[0] == net.named_data.jndn.security.KeyType.EC)
{
try {
signature = System.SecuritySignature
.getInstance("SHA256withECDSA");
} catch (Exception e_0) {
// Don't expect this to happen.
throw new SecurityException(
"FilePrivateKeyStorage: The SHA256withECDSA algorithm is not supported");
}
}
else
{
// We don't expect this to happen since getPrivateKey checked it.
throw new SecurityException(
"FilePrivateKeyStorage: Unsupported signature key type "
+ keyType[0]);
}
try {
signature.initSign(privateKey);
} catch (InvalidKeyException exception) {
throw new SecurityException(
"FilePrivateKeyStorage: InvalidKeyException: "
+ exception.Message);
}
try {
signature.update(data);
return(new Blob(signature.sign(), false));
} catch (SignatureException exception_1) {
throw new SecurityException(
"FilePrivateKeyStorage: SignatureException: "
+ exception_1.Message);
}
}